Hello, welcome to the Wednesday, August 17th, 2016 edition of the Santernet Storm Center's Stormcast.

My name is Johannes Ulrich, and I am recording from Stockheim, Germany.

One of the frontiers in cryptology right now is something called homomorphic encryption.

The idea behind this is that I can take data, I can encrypt it, and then I can

apply functions on the data without having to decrypt it first. Of course, this sounds pretty much

like magic and as a result it's not easy to get it right. Microsoft, for example, has some limited homomorphic encryption functions that they recently published in the library,

but they do not support all kinds of transforms on it, so you are limited to very specific operations that perform on the data.

So two years ago, researchers at MIT came up with an encryption scheme that they called

a fully homomorphic.

So what this means you can encrypt the data and then perform any function on the encrypted

data.

Sadly, as we learn now, this encryption scheme isn't as secure as it was originally believed.

There are some fairly classic weaknesses actually in this encryption scheme.

For example, it does allow messages to be broadcast.

But then again, if you see the same message multiple times sent to

different recipients, each recipient of course would use a different key, you would be able to

decrypt the original message. So this was one of the flaws. Other flaws are related to the typical oracles where what you do is you essentially

manipulate data, send it to a system that's able to decrypt the data, and then based on the

response you get back, you know whether or not you got certain parts of the right.

So in short, it's back to the drawing boards for

that particular algorithm maybe they'll get it work eventually it's certainly

something that's very much missing if you think about a lot of the attacks that

...